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- The MAILING DATE of this communication appears onth c ver sheet with the correspondence address - 



Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (3S U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent temi adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)n This action is FINAL. 2b)^ This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD, 11, 453 O.G. 213. 
Disposition of Claims 

4) S Claim(s) 1-32 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) ^ Claim(s) 1-32 is/are rejected. 

Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 01 June 1999 is/are: a)n accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held In abeyance. See 37 CFR 1 .85(a). 

1 1) 0 The proposed drawing correction filed on is: a)0 approved b)n disapproved by the Examiner. 

If approved, corrected drawings are required In reply to this Office action. 

12) 0 The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

1 3) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 

a)DAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) 0 Acknowledgment is made of a claim for domesfic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 

1 ) ^ Notice of References Cited {PTO-892) 4) □ Interview Summary (PTO-41 3) Paper No(s). . 

2) ^^Notlce of Draftsperson's Patent Drawing Review (PTO-948) 5) O Notice of Informal Patent Application (PTO-152) 

3) ^^ Infomnation Disclosure Statement(s) (PTO-1449) Paper No(s) 2J . 6) O Other: 
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DETAILED ACTION 
Specification 

1 . The disclosure is objected to because of the following informalities: on page 4, line 1 
"target server" is referenced, but "proxy server" seems appropriate. 

Appropriate correction is required. 

2. The disclosure is objected to because of the following informalities: on page 9, line 1 8, 
"503" is referenced incorrectly, "502" is suggested 

Appropriate correction is required. 

3. The disclosure is objected to because of the foUov^ng informalities: on pagel2, lines 1 0 and 
1 1, "304-205" is incorrect, "304-305" is suggested. 

Appropriate correction is required. 

Claim Rejections - 35 USC § 112 

4. Claim 3 1 is objected to because of the following informalities: "target server" in paragraph 4, 
lines 5 and 6 is referenced incorrectly, and "proxy server" is suggested. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
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having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claimsl, 4, 1 1, 12, 22, and 28 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Pepe et al. (5,673,322) (hereinafter Pepe) in view of Gabber et al. (XP-002059819) 
(hereinafter Gabber). 



7. As per claims 1,11, and 22, Pepe (Figure 5) discloses a client using a web browser 54 to 
send a request to a web sever 68 via a local proxy sever 56. The proxy server 56 converts it 
from an application layer protocol based message to a transport layer protocol based 
message (column 5, lines 54 through 56), then transmits the request to a remote proxy 
server (column 1 1, line 55), located at the target web server place (column 5, lines 50 
through 52). Also, Pepe (column 14, lines 25 through 35) discloses the conversion process 
includes encrypting the client request, and ftirther indicates (column 9, lines 13 through 40) 
that for this purpose, one of ordinary skill in the art could easily design an encryption 
scheme based on well-known principles. Pepe, however, does not specifically disclose the 
augmentation of the user request with encrypted user profile information and its 
transmission directly to the web server. Gabber teaches the implementation of a 
cryptographic function and transmission of the user request directly to a targeted web server 
by a proxy server named Janus (page 20, lines 4 through 7 and page 21, lines 12 through 
13). Gabber also teaches appending the user request with new information related to the 
user before sending it to the web server (page21, line 23 and page 24, lines 1 through 5). It 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made to append a user request with new information related to the user before sending it to 
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the web server as taught in Gabber in the communication systm of Pepe because it would 
provide for the secure and direct access of the user to the targeted web site. This 
arrangement especially is advantageous for the web sites that do not have external proxy 
sever. 

8. As per claim 4, 12 and 28, Pepe does not disclose the retrieval of user profile information 
from a database. Gabber teaches the use of user information by the proxy server to be sent 
along with the user request to the web server. This is indicative of retrieving the user 
information from a kind of storage, i.e. a database containing user information (page 21, 
paragraph 3). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine the teaching of Pepe v^th Gabber because it would provide 
for the proxy server to carry out only the process of authentication of the user on the 
subsequent visits of the user to the web site. 

9. Claims 2, 3 and 5 are rejected under 35 U.S.C. 103(a) as being unpatentable over Pepe et al. 
(5,673,322) (hereinafter Pepe) in view of Gabber et al. (XP-002059819) (hereinafter 
Gabber) and fiirther in view of White (6,049,877). 

10. Pepe in view of Gabber teaches all the limitations of the above claims but does not specify 
the creation of a token in reference to the user information by the web server to be 
transmitted to the client proxy server. White, however, teaches that the web server creates a 
token with regard to the user information. The token is sent to and being stored at the client 
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proxy server for use with subsequent user requests (column 10, lines 1 through 1 1). It would 
have been obvious to one of ordinary skill in the art at the time the invention was made to 
create a token for subsequent user request as taught in White, in the system of Pepe in view 
of Gabber because it would allow a proxy sever not to encrypt and transmit the user 
information profile in the subsequent queries to the web server by the user. 



1 1 . Claims 6- 1 0, 24 and 30 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over Pepe 
et al. (5,673,322) (hereinafter Pepe) in view of Gabber et al. (XP-002059819) (hereinafter 
Gabber) and further in view of Lincke et al. (6,253,326 Bl) (herinafter Lincke.) 



12. Pepe discloses the use of an encryption scheme for encrypting the user request (column 14, 
line 31). Pepe in view of Gabber does not specify the method of the encryption. Lincke 
teaches the generation and the use of a local key as an encryption key to encrypt the user 
message and the use of a public key to encrypt the local key (column 115, lines 45 through 
55). It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to use a local key as encryption key as taught in Lincke for the encryption system 
of Pepe in view of Gabber because it would provide for the proxy sever to securely 
transmit the encryption key to a remote web server site. 



13. Claims 13-15, 18, 25, 27, 31, and 32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Pepe et al. (5,673,322) (hereinafter Pepe) in view of Petitcolas (XP- 
00214286). 
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1 4. As per claim 13-15,18, 25, 27, 3 1 , and 32, Pepe discloses creation of a response to user 
request at the targeted web site server and transmitting it to the client proxy server (column 
16, lines 1 through 12). Pepe, however, does not specify the extraction of user information 
from the request in order to generate a response. Petitcolas teaches the extraction of user 
information from the receiving message and using this information to generate a response 
and transmitting it back to the client proxy (page 302, section 4.1). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to extract the 
user information from the user request at the information server as taught in Petitcolas in the 
system of Pepe, because it would allow the information server to generate a response for the 
user and transmit it to the client proxy server without further re-transmission of user 
information back and forth between the client site and the web site, thus reducing the 
magnitude of the encryption process and the transmitting messages between the two sites. 

15. Claims 16,17, 19-21, and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Pepe et al. (5,673,322) (hereinafter Pepe) in view of Petitcolas (XP-00214286) and further 
in view of White (6,049,877). 

16. As per claim 16, 17, 19-21, and 26, Pepe in view of Petitcolas discloses all the limitations of 
these claims but does not specify associating a reference token with the user information 
and including it in the response. White, however, teaches associating a token with the user 
information and transmitting the token with response to the client proxy server (column 10, 
lines 1 through 24). It would have been obvious to one of ordinary skill in the art at the time 
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the invention was made to create a token at the information server to be sent to the client 
proxy for use with subsequent user request as taught in White, in the system of Pepe in view 
of Petitcolas, because it would allow the information server to generate a token in 
association with the user, and transmit to the client proxy server only the token along with 
the response for use with the subsequent requests. This combination eliminates the 
transmission of user information back to the client site, thus reducing the magnitude of the 
encryption process and the transmitting message to the client proxy. 

17. Claims 23, and 29 are rejected under 35 U.S.C. 103(a) as being unpatentable over Pepe et 
al. (5,673,322) (hereinafter Pepe) in view of Gabber and further in view of White 
(6,049,877). 

18. As per claim 23 and 29, Pepe in view of Gabber discloses all the limitations of these claims, 
but does not specify the generation of a reference token at the web server for use with the 
subsequent user requests. White, however, teaches the use of a token with the subsequent 
user requests to be transmitted to the web server (column 10, lines 1 through 24). It would 
have been obvious to one of ordinary skill in the art at the time the invention was made to 
create a token in reference to the user at the information server as taught in White in the 
system of Pepe in view of Gabber, because it would allow the proxy server to transmit only 
the reference token along with the subsequent user requests to the information server. This 
combination eliminates the re-transmission of user information from the user site to the web 
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site, thus reducing the magnitude of the transmitting messages to the web site by the proxy 
server. 



Conclusion 

19. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure: 

U.S. Pat. No. 5,991,810 to Shapiro et al. 

U.S. Pat. No. 5,586,260 to Hu 

U.S. Pat. No. 6,373,950 Blto Rowney 

U.S. Pat. No. 6,421,781 to Fox et al. 

U.S. Pat. No. 6,081900 to Subramaniam et al. 

U.S. Pat. No. 200/0047484 Al to Medvinsky et al. 

U.S. Pat. No. 5,961,593 to Gabber et al. 

U.S. Pat. No. 6,308,216 to Goldszmidt et al. 

U.S. Pat. No. 6,212,640 Bl to Abdelnur et al. 

U.S. Pat. No. 6,161,145 to Bainbridge et al. 



20. Any inquiry concerning this conmiunication or earlier communications from the examiner 
should be directed to Abdulhakim Nobahar whose telephone number is 703-305-.. . . The 
examiner can normally be reached on M-F 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gilberto Barron can be reached on 703-305-1830. The fax phone numbers for the 
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organization where this application or proceeding is assigned are 703-746-7239 for regular 
communications and 703-746-7240 for After Final communications. 
Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-4832. 



Abdulhakim Nobahar 

Examiner 

Art Unit 2132 



an 

July 30, 2002 



GILBERTO BARRON ^ 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



